If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Try Windows 2000?

This tutorial didn't work for me. I've tried it on at least 10 different PCs. sessions -l never lists any sessions. Any ideas??? I do update my metasploit each time.

I've got a old Win 2000 laptop i keep just for TFPT practice and the like, and autopwn has worked first time every time against it

Trying to replicate it manually but i'm missing something because I can't do it normally using MSF.

The laptop is fully patched (i cross my fingers every time it auto-updates, and autopwn keeps working!) and its a genuine OS. Nessus still shows it to have 11 serious problems.....

TT

Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

First off I'll admit I'm a total noob here. I've been in the network field for several years, and am attempting to learn pen testing. I have a server running VMware Server with plenty of RAM for a test environment.

I've updated Fasttrack, and ran it on several machines and couldn't get a session.

Next, I fired up a DVL (damn vulnerable Linux), no session still. I admit I don't know much about DVL, and am sure it was because I didn't have any services up.

I then installed a fresh copy of XP (no SP, no updates, first build version ever directly from the MSDN site 8-25-05 version). I still can't get a session.

What am I doing wrong here?

Thanks

OK, I found the issue. I was simply too impatient. After waiting for a while it did open up a session on the fresh XP box.

First off I'll admit I'm a total noob here. I've been in the network field for several years, and am attempting to learn pen testing. I have a server running VMware Server with plenty of RAM for a test environment.

I've updated Fasttrack, and ran it on several machines and couldn't get a session.

Next, I fired up a DVL (damn vulnerable Linux), no session still. I admit I don't know much about DVL, and am sure it was because I didn't have any services up.

I then installed a fresh copy of XP (no SP, no updates, first build version ever directly from the MSDN site 8-25-05 version). I still can't get a session.

What am I doing wrong here?

Thanks

OK, I found the issue. I was simply too impatient. After waiting for a while it did open up a session on the fresh XP box.

I'll try some more boxes now, and document my results.

Yesterday I have tried metasploit autopwn against my XP pro (no SP's) and Server2003 (also, no updates). And it worked. But, after I have updated fast-track/metasploit (and other tools too), I couldn't get it working again!

Every time I try to get a cmd session on the above mentioned Windows boxes, I don´t get any.. that´s after I updated metasploit.

Are you, or enyone else, familiar with this issue?

BTW, I'm running BT3 final. Sorry if this is the wrong section for BT3.

I am not having this issue at all. I've only used Metasploit after upgrading it to the latest version with all of the updates. I was able to get two open sessions on a vanilla default install of XP every time. I was not able to get any sessions on a Server 2003 box, but that was R2 with all of the updates. This Wednesday I'll try to do a reverse shell session by executing the shell from the Server 2003 box and see what happens.

I am surprised that it didn't work for you after you updated Metasploit. Did you try rebooting the victim Windows boxes between attempts?

I am not having this issue at all. I've only used Metasploit after upgrading it to the latest version with all of the updates. I was able to get two open sessions on a vanilla default install of XP every time. I was not able to get any sessions on a Server 2003 box, but that was R2 with all of the updates. This Wednesday I'll try to do a reverse shell session by executing the shell from the Server 2003 box and see what happens.

I am surprised that it didn't work for you after you updated Metasploit. Did you try rebooting the victim Windows boxes between attempts?

Yes. Neither the XP pro and 2003 are working anymore. I have multiple OS install in my victim machine. Before I updated fast-track it worked fine. Also, when I did the attack, I noticed the blue taskbar on XP pro suddenly changed to the standard gray.. don't know if that's because of my attack..

Is there a way to undo the update?

EDIT:

Ok, I've tried it again, but now I got a meterpreter session.. I tried 'ipconfig' and it displays the IP information of the victim PC so I'm in the victim PC but I want a cmd shell, not a meterpreter. Why am I getting a meterpreter session instead of cmd sessions? And what is the difference?